Massive Botnet Operator Arrested by International Authorities

Hacker using laptop. Lots of digits on the computer screen.

WASHINGTON — International law enforcement officers arrested a Chinese citizen and disbanded a significant botnet network that officials said he managed for almost a decade and made at least $99 million in profits by reselling access to criminals who exploited it for identity theft, child exploitation, and financial fraud, including COVID-19 relief scams.

Wednesday, FBI Director Christopher Wray stated that the “911 S5” botnet—a network of malware-infected computers in approximately 200 countries—was “undoubtedly the world’s largest,” according to the U.S. Department of Justice.

Justice claims that 35-year-old Yunhe Wang was arrested on May 24 in Singapore, where search warrants were also carried out. Brett Leatherman, deputy assistant director for FBI cyber operations, added that the authorities confiscated $29 million in Bitcoin.

According to an indictment filed in Texas’ eastern district, cybercriminals have stolen “billions of dollars from financial institutions, credit card issuers and account holders, and federal lending programs since 2014” by using Wang’s network of zombie residential computers.

U.S. Attorney General Merrick Garland said that Wang, the network’s administrator, sold access to the 19 million Windows computers he hacked—more than 613,000 in the United States—to criminals who “exploited that access to perpetrate a wide range of crimes that victimized children, endangered people’s safety, and defrauded financial institutions and federal lending programs” during the takedown announcement.

He claimed that criminals who had access to the zombie network from Wang were responsible for fraud-related losses to relief programs totaling more than $5.9 billion. Officials projected that 560,000 unemployment insurance claims were filed fraudulently using compromised IP addresses.

Wang is accused of controlling the botnet via 150 dedicated servers, including half that were rented from online service providers headquartered in the United States.

The lawsuit alleges that Wang used his illegal profits to buy 21 properties in the United States, China, Singapore, Thailand, the United Arab Emirates, and St. Kitts and Nevis, where he obtained citizenship through investment, according to the justice department.

In its press statement, the Justice Department thanked the police and other officials in Singapore and Thailand for their assistance.